F-Secure has issued a 'critical' alert for a vulnerability in its own antivirus software.
According to an F-Secure security bulletin, several of its products have a buffer-overflow vulnerability in processing LHA archives. LHA is a compression utility. The vulnerability could allow an attacker to execute arbitrary code or to create a denial-of-service condition.
Various versions of F-Secure's software for both Windows and Linux are affected. The security vendor has suggested a range of fixes in the bulletin.